Lucene search

MitreCVE-2000-0637

HistoryOct 13, 2000 - 4:00 a.m.

CVE-2000-0637

2000-10-1304:00:00

mitre

web.nvd.nist.gov

microsoft excel 97

excel 2000

arbitrary commands

malicious .dll

vulnerability

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.001

Percentile

25.8%

JSON

Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the “Excel REGISTER.ID Function” vulnerability.

Affected configurations

Nvd

Node

microsoftexcelMatch97

microsoftexcelMatch2000

VendorProductVersionCPE
microsoftexcel97cpe:2.3:a:microsoft:excel:97:*:*:*:*:*:*:*
microsoftexcel2000cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	excel	97	cpe:2.3:a:microsoft:excel:97:::::::*
microsoft	excel	2000	cpe:2.3:a:microsoft:excel:2000:::::::*

References

www.securityfocus.com/bid/1451

www.securityfocus.com/templates/archive.pike?list=1&msg=396B3F8F.9244D290%40nat.bg

docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-051

exchange.xforce.ibmcloud.com/vulnerabilities/5016

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

High

EPSS

0.001

Percentile

25.8%

JSON

Related for CVE-2000-0637